Hierarchical Set Decision Diagrams & Automatic Saturation

Hierarchical Set Decision Diagrams
&
Automatic Saturation
Alexandre Hamez, Yann Thierry-Mieg, Fabrice Kordon

June 2008 - ICATPN’08
LIP6 - LRDE
Xi’an, China
Hierarchical
Set Decision Diagram (SDD)
Atpn – June 2008 2 Hierarchical Set Decision Diagrams & Automatic Saturation
• Evolution of DDD, integer

valued DD [atpn’02] • Increases sharing
• Memory gain
• Idea : hierarchy • Time gain
• Label the arcs with a SET = • cache
Set Decision Diagram • traversals
With
hierarchy
DDD
1
DDD or SDD =
SDD +
referenced values
Saturation
• Model-checking using decision diagrams => (nested) transitive closures

over the transition relation
• Optimizing complexity of this operation critical to efficiency
• [BCM’92] based on BFS style iterations, n iterations required where n
is depth of “deepest” state
s0 N(s0) N2(s0)
• [Roig’95] Chaining may converge faster, based on clusters of

transitions, no longer strict BFS
s0 t1(s0) t2(t1(s0)) t2(t1(t2(t1…(s0)))..))
• [Ciardo’01] Saturation is empirically 1 to 3 orders of magnitude better

Saturation example
• Suppose an event h = if (d <2) d++;
1 2 3 0
a b c d 1
+ h
Iteration 1 1 2 3 1
a b c d 1
1 2 3 [0,1]
BFS style iterations a b c d 1
h
+
1 2 3 [1,2]
a b c d 1
Iteration 2
[0,1,2]
1 2 3
a b c d 1
Saturation effect
• Nested transitive closure or fixpoint = saturation allows:

• single traversal of the top of the tree => cost of + and h
• less intermediate nodes
1 2 3 0
a b c d 1
+ h
Iteration 1 1 2 3 1
a b c d 1
1 2 3 [0,1]
BFS style iterations a b c d 1
h
+
1 2 3 [1,2]
a b c d 1
Iteration 2
Useless intermediate nodes !!
[0,1,2]
1 2 3
a b c d 1
Saturation vs BFS
• Saturation algorithm: [Ciardo et al. TACAS’01]

• Fire transitions from the leaves (terminals) up to root
• Go to ancestor of a node iff. The current node is saturated :
all events that only affect this variable and variables below it
have been fired until a fixpoint is reached
• Each time a node is affected by an event, resaturate it.
• Not BFS anymore, firing order of events follows data
structure
• Huge reduction of time and space complexity
• Good tackling of intermediate peak size effect
• However :
• Definition of saturation algorithm is complex
• Cannot be implemented directly with public API of DD libraries
Our contribution : Automatic saturation
Set Decision Diagrams
• More Formally E : a set of variables

e in E, Dom(e) : its (possibly infinite) domain
e d is an SDD iff.
• d 2 {0,1} or
… ai … • d = <e,>
• Given a partition  of Dom(e)
di
•  :   SDD, s.t. 8 i,j, i  j ) (ai)  (aj)
Arcs to 0 and arcs labeled by ; not represented
Fusing Arcs Splitting arcs

e
e e e
aj\ ai a i\ a j
aj aj ai
ai ai [ …aj …
aj Å ai
di di dj di dj di
di [ dj
Set Decision Diagrams :
A compositional Model
• SDD arcs may be labeled by DDD

• Hierarchical Structure
• Adapted to composition
• captures the similarity of repeated modules
The similarity of behavior

of the philosophers is captured :
8*(1 Philosopher)
DDD sharing
& SDD sharing
State space, With SDD, the state of one

4 philosophers (DDD) philosopher is referenced.
P1 (P1)
P2 (P2)
P3 (P3)
P4 (P4)
P1 // P2 // P3 // P4 (P1) // (P2) // (P3) // (P4) Pi

Homomorphism
Definition
: SDD  SDD
(0) = 0
d1,d2
(d1) + (d2) = (d1+d2)
Examples, hard coded in the library

Id, Id + d, Id * d, Id \ d, Id.d, d.Id
Proposition
If 1, 2 are homomorphisms then
1 + 2 and 1  2 are homomorphisms
Inductive Homomorphism
• Used to define user operations

• Flexible, and powerful
• Benefits from a cache
•  is inductively defined by :
• (1) 2 SDD : constant terminal case
• (e,x) 2 Hom : e in E, x ½ Dom(e):
evaluation for an arbitrary SDD arc
returns a homomorphism to apply on
successor node
Skip predicate
• Skip(e) expresses local invariance: Skip is true => the

variable is neither read nor written
… …
… …
• Extends to composition : f+g and f±g skip a variable e

iff. both operands skip(e)
• Minimal structural information about user operations
that allows to enable saturation automatically
Fixpoint operator : *
• Built-in operator for transitive closure

• * (d) = n (d), where n is the smallest integer
such that
n+1 (d) = n (d)
• May not terminate (n infinite)
• Most often used as an accumulator :
( + Id)*
• Transitive closure naturally expressed as :
(t1 + t2 +…+tn + Id)*
Allows library to automatically enable saturation

Homomorphisms for a Petri Net
• Pre arc homomorphism Post arc homomorphism
• h- returns terminal 0 to prune path if precondition not met

• Skip on e  p : only one variable (place) is affected by the arc
• For a full transition, compose Post after Pre, e.g.

Homomorphisms for Labeled Petri net
• Built-in “local” homomorphism allows to target arc value(s) of a

given variable
e
DDD sharing
& SDD sharing (reminder)
State space, With SDD, the state of one

4 philosophers (DDD) philosopher is referenced.
P1 (P1)
P2 (P2)
P3 (P3)
P4 (P4)
P1 // P2 // P3 // P4 (P1) // (P2) // (P3) // (P4) Pi

Homomorphisms for Labeled Petri net
• Built-in “local” homomorphism allows to target arc value(s) of a

given variable
• Full transition relation for a synchronization is built as a

composition of local operations : e.g. philo P0 finishes eating:
Rewriting rules for homomorphisms
• For Union : H = g_1 +.. +g_n + f_1 + .. + f_m such

that on current variable g terms do not skip and f
terms skip.
… … … … … …
Retirer le I dans variable
• No a priori variable order => Partition of operands of

union is cached
Effect of skip on (H + Id)*
• Case of interest : transitive closure of a set of transitions + Id
… … …
• Additional rules are defined for “local” construction (see proceedings)

Performances
To finish :
Compositional nesting & hierarchy
• SDD arcs may reference SDD

• Hierarchical structure
• Arbitrary depth
• Exemple Philosophers :
2^3 = 8 philosophes:
3 levels of depth
+ representation of a
philosopher
Sharing at every level
Philosophers & Hierarchy :
Potential of SDD
P1 (P1) ((P1 - P2)-(P3 - P4))

- - -
P2 (P2) ((P5 - P6)-(P7 - P8))
- -
P3 (P3)
- - (Pi - Pi+1)
P4 (P4) -
- - (Pi+2 - Pi+3)
P5 (P5)
- - (Pi)
P6 (P6)
-
- - (Pi+1)
P7 (P7)
- -
P8 (P8) Pi
Conclusion
• Latest evolution of decision diagrams : SDD

• Suitable for very large systems
• Well suited to hierarchical/compositional
specifications
• Transparent and efficient transitive closure
• User defined homomorphisms
• Automatic saturation : generalize [Ciardo’01] with
definition independent of a given formalism
• Recursive folding for logarithmic complexity on
some examples
• SDD and DDD distributed as an open-source
LGPL C++ library : http://www.lip6.fr/ddd
Reduced Ordered
Binary Decision Diagrams
BDD for BDD Exploiting

(RO)BDD
Model-checking extensions Symmetries
Context
• Decision diagrams:[BCM'92]
• Initially BDD [Bryant86]
• Compact Structure to represent sets
• Unique table & operation cache
• Complexity linked to number of nodes
• Exploits implicit symmetries between a
elements of the set
• Intermediate peak size problem 1 4
• Very widespread success
• SMV, Smart, Uppaal, Prism, ...
a
2
1
• Data Decision Diagram, ICATPN'2002
J.M. Couvreur, P.A. Wacrenier E. Encrenaz, E. Paviot-Adet, b c
D. Poitrenaud
3 1
• integer domain variables, no ordering,
variable length paths
• Set Operations + inductive homomorphisms 1
Transitive Closure : Fixpoint
State space of a Petri net
• A dining Philosopher + Chopstick

Labeled Petri net : labels
GetL GetR
PutL PutR
Labeled Petri net : synchronisation
• Synchronization on transitions
P0 P1
Labeled Petri net : state space
Synchronization on transitions : closing the loop
P0 P1 P2
Homomorphism application (1)
1 1 0 0 0 0
fork idle WaitL HasL WaitR HasR 1
0
1 0 1
WaitL HasL WaitR
1 1
h-(Idle,1) fork idle WaitL
0
WaitL Skip is true
For variable “fork”
1 1
fork h-(Idle,1) idle WaitL
0
WaitL
1 1 0
fork h-(Idle,1) idle WaitL
0
1
WaitL
h-(Idle,1) idle
1
idle
0
Id0 WaitL
0
0
h-(Idle,1) idle 0
Returning 0 terminal cuts the branch
0
1 1 0 0 0 0
0
1 0 1
WaitL HasL WaitR
Branch is pruned by h-
•Behavior of h+ similar, without pruning effect
0 1 1
1 1 0 0 0 0
Labeled Petri net : state space

Hierarchical Set Decision Diagrams & Automatic Saturation

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Hierarchical Set Decision Diagrams & Automatic Saturation

Uploaded by

Copyright:

Available Formats

Hierarchical Set Decision Diagrams

Alexandre Hamez, Yann Thierry-Mieg, Fabrice Kordon

• Evolution of DDD, integer

• Model-checking using decision diagrams => (nested) transitive closures

• [Roig’95] Chaining may converge faster, based on clusters of

s0 t1(s0) t2(t1(s0)) t2(t1(t2(t1…(s0)))..))

• [Ciardo’01] Saturation is empirically 1 to 3 orders of magnitude better

• Suppose an event h = if (d <2) d++;

• Nested transitive closure or fixpoint = saturation allows:

• Saturation algorithm: [Ciardo et al. TACAS’01]

• More Formally E : a set of variables

Fusing Arcs Splitting arcs

• SDD arcs may be labeled by DDD

The similarity of behavior

State space, With SDD, the state of one

P1 // P2 // P3 // P4 (P1) // (P2) // (P3) // (P4) Pi

Examples, hard coded in the library

• Used to define user operations

• Skip(e) expresses local invariance: Skip is true => the

• Extends to composition : f+g and f±g skip a variable e

• Built-in operator for transitive closure

Allows library to automatically enable saturation

• Pre arc homomorphism Post arc homomorphism

• h- returns terminal 0 to prune path if precondition not met

• For a full transition, compose Post after Pre, e.g.

• Built-in “local” homomorphism allows to target arc value(s) of a

State space, With SDD, the state of one

P1 // P2 // P3 // P4 (P1) // (P2) // (P3) // (P4) Pi

• Built-in “local” homomorphism allows to target arc value(s) of a

• Full transition relation for a synchronization is built as a

• For Union : H = g_1 +.. +g_n + f_1 + .. + f_m such

Retirer le I dans variable

• No a priori variable order => Partition of operands of

• Case of interest : transitive closure of a set of transitions + Id

• Additional rules are defined for “local” construction (see proceedings)

• SDD arcs may reference SDD

P1 (P1) ((P1 - P2)-(P3 - P4))

• Latest evolution of decision diagrams : SDD

BDD for BDD Exploiting

• A dining Philosopher + Chopstick

Synchronization on transitions : closing the loop

•Behavior of h+ similar, without pruning effect

You might also like